Skip to main content

OAuth Discovery

Gateway MCP itself does not expose OAuth protected-resource metadata.

What to use instead

For gateway auth, use profile auth settings (token, jwt, oidc, mtls, none) and standard gateway headers.
For OAuth metadata discovery, use Management MCP endpoint:
- GET /api/v1/.well-known/oauth-protected-resource
- Optional host-root alias GET /.well-known/oauth-protected-resource

Why this matters

AI clients that require OAuth discovery should target Management MCP.
Gateway MCP clients should authenticate using gateway profile model and sessionized MCP calls.

What to use instead
Why this matters